2f634f2862
New option koha-create --letsencrypt - installs the letsencrypt package if needed - creates <instance> - generates letsencrypt certificates for <instance> - sets up a https-only website for <instance> - redirects http to https for <instance> ! you need to enable jessie backports to install letsencrypt: add deb http://http.debian.net/debian jessie-backports main contrib non-free to your /etc/apt/sources.list ! this patch uses the letsencrypt staging server to create real certificates, apply thy "LE production server" patch Test plan: - build a debian package with patch applied - use apache mod_ssl sudo a2enmod ssl - make sure the machine is accessible on 80 (needed for letsencrypt) and 443 from the internet - install koha with your new package - Put your (existing) domain options in /etc/koha/koha-sites.conf - use koha-create with the new options: sudo koha-create --create-db --letsencrypt <instance> - if you do not have the letsencrypt package installed, you will be prompted to do that [ if there is no package available, a symlink to the git checkout will work: on your test server, get letsencrypt via git git clone https://github.com/letsencrypt/letsencrypt create a symlink from /usr/bin/letsencrypt to letsencrypt-auto sudo ln -s /path/to/letsencrypt/letsencrypt-auto /usr/bin/letsencrypt ] - wait until setup is finished, check that you got a working OPAC and staff client with certificates - check that http redirects to https Signed-off-by: Chris Cormack <chrisc@catalyst.net.nz> Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org> Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
53 lines
1.7 KiB
Bash
Executable file
53 lines
1.7 KiB
Bash
Executable file
#!/bin/sh
|
|
# koha-foreach -- run a command for each Koha instance
|
|
# Copyright 2010 Catalyst IT, Ltd
|
|
#
|
|
# This program is free software: you can redistribute it and/or modify
|
|
# it under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
|
set -e
|
|
|
|
listopts=""
|
|
while [ ! -z "$1" ]
|
|
do
|
|
case "$1" in
|
|
--email) listopts="$listopts --email";;
|
|
--noemail) listopts="$listopts --noemail";;
|
|
--enabled) listopts="$listopts --enabled";;
|
|
--disabled) listopts="$listopts --disabled";;
|
|
--sip) listopts="$listopts --sip";;
|
|
--nosip) listopts="$listopts --nosip";;
|
|
--plack) listopts="$listopts --plack";;
|
|
--noplack) listopts="$listopts --noplack";;
|
|
--letsencrypt) listopts="$listopts --letsencrypt" ;;
|
|
--noletsencrypt) listopts="$listopts --noletsencrypt" ;;
|
|
*) break;;
|
|
esac
|
|
shift
|
|
done
|
|
|
|
for name in $(koha-list $listopts)
|
|
do
|
|
cmd=`echo "$@" | sed -e s/__instancename__/${name}/g`
|
|
(
|
|
exec 3>&1
|
|
sudo -u "$name-koha" \
|
|
env PERL5LIB=/usr/share/koha/lib \
|
|
KOHA_CONF="/etc/koha/sites/$name/koha-conf.xml" \
|
|
${cmd} 2>&1 >&3 | sed -e "s/^/$name: /" >&2 3>&-
|
|
exec 3>&-
|
|
) | sed -e "s/^/$name: /"
|
|
|
|
done
|
|
|